I am trying to generate a vulnerability report from ZAP scan using OWASP-ZAP container.
I tried the following command. [it will map the container and host directory, run the scan, generate the report and write the report to the host machine]
docker run -v $(pwd):/zap/wrk/:rw -t owasp/zap2docker-weekly zap-baseline.py -t http://example.com -d –g example.conf -r report.html
Scan was running perfectly but it didn’t write the report to the host machine. It says, there is a permission denied error
I/O error: [Errno 13] Permission denied: /zap/wrk/zap
Scenario -2 [I did this to find whether the issue is only in the ZAP container or the other containers too]
So, I tried to create a file using “touch” command by mapping the host directory and container directory from ZAP, Ubuntu, Ngnix containers.
docker run -v $(pwd):/zap/wrk/:rw -t owasp/zap2docker-stable bash -c "touch /zap/wrk/demo.txt"
docker run -v $(pwd):/root:rw ubuntu bash -c "touch /root/demo.txt"
docker run -v $(pwd):/root:rw nginx bash -c "touch /root/demo.txt"
I got the same output for above 3 commands
touch: cannot touch ‘/root/demo.txt’: Permission denied
So, I think this is a common issue for all
Then I added the dockerroot user to the wheel group and change the group permissions to grant access to the docker root user to write file into the host machine. Got the same error. Hope you guys to help me to fix this. Thanks in advance